Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/SzhneGkaIkf7xdHmRFd7bAKpjos.roa
File:                     SzhneGkaIkf7xdHmRFd7bAKpjos.roa (raw, json)
Hash identifier:          x8K9l9SCml2lmtS3JDvogp9forDrbJobw6rId3iBOOA=
Subject key identifier:   4B:38:67:78:69:1A:22:47:FB:C5:D1:E6:44:57:7B:6C:02:A9:8E:8B
Certificate issuer:       /CN=ce0b298e1e2b300469070d1c10ccaea6f1f80ae2
Certificate serial:       0148DEFF
Authority key identifier: CE:0B:29:8E:1E:2B:30:04:69:07:0D:1C:10:CC:AE:A6:F1:F8:0A:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgspjh4rMARpBw0cEMyupvH4CuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/SzhneGkaIkf7xdHmRFd7bAKpjos.roa
Signing time:             Wed 23 Feb 2022 22:34:43 +0000
ROA not before:           Wed 23 Feb 2022 22:34:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206092
IP address blocks:        185.251.19.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21552895 (0x148deff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0b298e1e2b300469070d1c10ccaea6f1f80ae2
        Validity
            Not Before: Feb 23 22:34:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b386778691a2247fbc5d1e644577b6c02a98e8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:57:7c:b3:75:1f:3a:02:b0:6a:04:8e:45:22:
                    52:94:a5:e0:4a:f8:0c:bd:cb:31:f2:cb:41:a1:9c:
                    9d:ca:88:77:24:bd:d2:a2:02:0a:7e:95:c6:65:6d:
                    44:9a:83:fe:1c:1a:8f:f1:4d:d0:57:40:8f:15:fb:
                    2b:c2:66:34:f8:b9:d8:9e:29:c8:41:97:a6:94:c8:
                    60:6b:c8:d3:2f:2d:09:83:83:50:f4:e0:bd:d7:4d:
                    40:05:c4:14:98:bd:5c:1c:f4:a3:c6:19:34:a2:52:
                    dd:6f:63:3c:c2:55:5f:77:89:57:01:76:de:ce:45:
                    71:85:75:39:b5:b4:7c:66:60:27:64:95:48:eb:65:
                    31:a0:3e:8c:15:b7:0b:56:cb:a7:b6:b9:54:4d:85:
                    69:50:50:ed:80:28:03:59:fe:30:ea:c9:3e:2f:94:
                    0b:0a:9f:fe:24:e4:c4:5a:10:6b:6d:ae:82:5b:a9:
                    58:fd:ac:2c:b2:a0:1a:2a:5e:d5:02:41:f8:45:39:
                    98:f8:df:61:d5:e9:e9:30:00:78:17:f1:8d:33:ca:
                    75:e1:7b:d1:85:27:92:7a:3d:ac:8d:a0:b4:79:9c:
                    38:67:06:b3:76:42:6e:94:fb:9e:12:ea:e1:ee:0a:
                    e0:f2:7b:c1:fa:84:a9:91:02:6f:df:3f:08:8b:5b:
                    5a:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:38:67:78:69:1A:22:47:FB:C5:D1:E6:44:57:7B:6C:02:A9:8E:8B
            X509v3 Authority Key Identifier:
                keyid:CE:0B:29:8E:1E:2B:30:04:69:07:0D:1C:10:CC:AE:A6:F1:F8:0A:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgspjh4rMARpBw0cEMyupvH4CuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/SzhneGkaIkf7xdHmRFd7bAKpjos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/zgspjh4rMARpBw0cEMyupvH4CuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.251.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:1e:07:ef:02:20:6c:b2:69:3f:b4:ea:60:46:74:98:91:7c:
         4c:b9:60:0c:3c:bb:4b:15:85:83:1d:89:7a:ea:e8:0b:f4:6c:
         27:96:eb:09:a8:91:e2:8c:4c:b0:32:d5:c5:b3:ab:a3:39:86:
         a1:f9:3d:28:80:ea:51:08:cd:44:4d:d4:a8:e4:6a:03:62:0c:
         da:f8:99:45:48:a5:ee:07:20:a5:2b:2e:a5:d6:11:8f:ee:e7:
         ff:7e:21:c2:d5:a8:31:40:98:fe:2b:07:9d:09:d5:46:9f:f0:
         c6:18:32:31:f6:fe:22:58:35:e9:89:d6:f1:7a:3f:5d:f1:ce:
         d7:ef:f1:38:d0:a3:37:80:d8:be:13:44:af:70:41:e9:d1:8d:
         30:cc:f0:bc:cf:39:c3:b8:75:5b:d6:cf:cf:12:c3:cc:33:07:
         c8:20:95:77:dc:18:62:be:9c:13:9d:b4:71:10:6b:57:b0:27:
         47:fa:f5:da:03:e7:70:c2:45:66:5d:ee:f2:6d:c0:aa:51:0a:
         6a:8d:fd:c7:4b:5d:4b:67:db:05:07:cf:0a:bc:a6:81:0a:79:
         4d:0e:08:b0:f4:97:ee:3b:ea:b3:d7:e7:45:22:d9:86:b8:8d:
         0e:14:ee:3f:7a:ec:6c:59:b2:44:93:d4:30:bd:ed:57:fe:48:
         cf:fc:6f:37
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUje/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTBiMjk4ZTFlMmIzMDA0NjkwNzBkMWMxMGNjYWVhNmYxZjgwYWUyMB4XDTIyMDIy
MzIyMzQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIzODY3Nzg2OTFh
MjI0N2ZiYzVkMWU2NDQ1NzdiNmMwMmE5OGU4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxXfLN1HzoCsGoEjkUiUpSl4Er4DL3LMfLLQaGcncqIdyS9
0qICCn6VxmVtRJqD/hwaj/FN0FdAjxX7K8JmNPi52J4pyEGXppTIYGvI0y8tCYOD
UPTgvddNQAXEFJi9XBz0o8YZNKJS3W9jPMJVX3eJVwF23s5FcYV1ObW0fGZgJ2SV
SOtlMaA+jBW3C1bLp7a5VE2FaVBQ7YAoA1n+MOrJPi+UCwqf/iTkxFoQa22uglup
WP2sLLKgGipe1QJB+EU5mPjfYdXp6TAAeBfxjTPKdeF70YUnkno9rI2gtHmcOGcG
s3ZCbpT7nhLq4e4K4PJ7wfqEqZECb98/CItbWn8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRLOGd4aRoiR/vF0eZEV3tsAqmOizAfBgNVHSMEGDAWgBTOCymOHiswBGkH
DRwQzK6m8fgK4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pnc3BqaDRyTUFScEJ3MGNFTXl1cHZINEN1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYTMxNzY4LWQ0NGEtNDc0YS04NTE0LTBjNWQ3MDMxZmZhZC8x
L1N6aG5lR2thSWtmN3hkSG1SRmQ3YkFLcGpvcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
YTMxNzY4LWQ0NGEtNDc0YS04NTE0LTBjNWQ3MDMxZmZhZC8xL3pnc3BqaDRyTUFS
cEJ3MGNFTXl1cHZINEN1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn7EzANBgkqhkiG9w0BAQsFAAOC
AQEAWx4H7wIgbLJpP7TqYEZ0mJF8TLlgDDy7SxWFgx2JeuroC/RsJ5brCaiR4oxM
sDLVxbOrozmGofk9KIDqUQjNRE3UqORqA2IM2viZRUil7gcgpSsupdYRj+7n/34h
wtWoMUCY/isHnQnVRp/wxhgyMfb+Ilg16YnW8Xo/XfHO1+/xONCjN4DYvhNEr3BB
6dGNMMzwvM85w7h1W9bPzxLDzDMHyCCVd9wYYr6cE520cRBrV7AnR/r12gPncMJF
Zl3u8m3AqlEKao39x0tdS2fbBQfPCrymgQp5TQ4IsPSX7jvqs9fnRSLZhriNDhTu
P3rsbFmyRJPUML3tV/5Iz/xvNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org